Vulnerabilities > Solarwinds > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-15 | CVE-2022-47506 | Path Traversal vulnerability in Solarwinds Orion Platform 2022.4.1 SolarWinds Platform was susceptible to the Directory Traversal Vulnerability. | 7.8 |
| 2023-02-15 | CVE-2022-47507 | Deserialization of Untrusted Data vulnerability in Solarwinds Orion Platform 2022.4.1 SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. | 7.2 |
| 2023-02-15 | CVE-2022-47508 | Unspecified vulnerability in Solarwinds Server and Application Monitor 2022.4 Customers who had configured their polling to occur via Kerberos did not expect NTLM Traffic on their environment, but since we were querying for data via IP address this prevented us from utilizing Kerberos. | 7.5 |
| 2023-02-15 | CVE-2023-23836 | Deserialization of Untrusted Data vulnerability in Solarwinds Orion Platform 2022.4.1 SolarWinds Platform version 2022.4.1 was found to be susceptible to the Deserialization of Untrusted Data. | 7.2 |
| 2023-01-20 | CVE-2022-47012 | Use of Uninitialized Resource vulnerability in Solarwinds Dynamips 0.2.21 Use of uninitialized variable in function gen_eth_recv in GNS3 dynamips 0.2.21. | 7.5 |
| 2023-01-20 | CVE-2022-38112 | Cleartext Storage of Sensitive Information vulnerability in Solarwinds Database Performance Analyzer In DPA 2022.4 and older releases, generated heap memory dumps contain sensitive information in cleartext. | 7.5 |
| 2022-12-16 | CVE-2021-35252 | Improper Authentication vulnerability in Solarwinds Serv-U Common encryption key appears to be used across all deployed instances of Serv-U FTP Server. | 7.5 |
| 2022-11-29 | CVE-2022-36960 | Improper Input Validation vulnerability in Solarwinds Orion Platform SolarWinds Platform was susceptible to Improper Input Validation. | 8.8 |
| 2022-11-29 | CVE-2022-36962 | Command Injection vulnerability in Solarwinds Orion Platform SolarWinds Platform was susceptible to Command Injection. | 7.2 |
| 2022-11-29 | CVE-2022-36964 | Deserialization of Untrusted Data vulnerability in Solarwinds Orion Platform SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. | 8.8 |